
check_priv.php

00001 <?
00002 
00003 /*
00004  *   This file is part of PhpCompta.
00005  *
00006  *   PhpCompta is free software; you can redistribute it and/or modify
00007  *   it under the terms of the GNU General Public License as published by
00008  *   the Free Software Foundation; either version 2 of the License, or
00009  *   (at your option) any later version.
00010  *
00011  *   PhpCompta is distributed in the hope that it will be useful,
00012  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
00013  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00014  *   GNU General Public License for more details.
00015  *
00016  *   You should have received a copy of the GNU General Public License
00017  *   along with PhpCompta; if not, write to the Free Software
00018  *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
00019 */
00020 
00021 // Copyright Author Dany De Bontridder ddebontridder@yahoo.fr
00022 /* $Revision: 1.9 $ */
00028 include_once("postgres.php");
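/**
 * Return the access level of a user on one journal (jrn) of a dossier.
 *
 * The journal-specific right (user_sec_jrn.uj_priv) overrides the default
 * right on the dossier (priv_user.priv_priv) when one exists.
 *
 * $p_dossier  dossier id; passed to DbConnect() and compared with dos_id
 * $p_user     login compared with uj_login / use_login
 * $p_jrn      journal id (jrn_def_id); 0 selects the "grand livre" case
 * $p_detail   only read when $p_jrn is 0: false = grand livre, true = detail
 *
 * Returns 0 = no access, 1 = read, 2 = write.
 *
 * NOTE(review): nothing in this function authenticates $p_user; presumably
 * callers pass the login of the current session - confirm against callers.
 */
function CheckJrn($p_dossier,$p_user,$p_jrn,$p_detail=False) 
{
  // Administrators always get write access.
  if ( CheckIsAdmin( $p_user) == 1 ) return 2;

  // Both ids are spliced unquoted into the SQL below, so they are forced to
  // integers first. A non-numeric value becomes 0: for $p_jrn that selects
  // the grand-livre branch (what the loose "== 0" did before PHP 8), for
  // $p_dossier it matches no dossier and the function denies access.
  $jrn_id=(int)$p_jrn;
  $dossier_id=(int)$p_dossier;

  $cn=DbConnect($p_dossier);
  // The login goes inside a quoted SQL literal and is escaped per connection.
  // assumes DbConnect() returns the pgsql connection itself - TODO confirm
  $login=pg_escape_string($cn,$p_user);

  // Special case
  // p_jrn = 0 ==> grand livre access if there is no uj_priv=X
  // or detail
  if ( $jrn_id == 0 ) {
    if ( $p_detail == false) {
      // Grand livre: a single forbidden ('X') journal removes the access.
      $n_for=CountSql($cn,"select jrn_def_id,uj_priv 
                 from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
                    where uj_login='$login' and uj_priv='X'");
      if ( $n_for == 0 ) 
        return 2;
      else 
        return 0;
    } else {
      // For a detail, at least one jrn must be accessible
      $n_for=CountSql($cn, " select jrn_def_id,uj_priv 
                 from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
                    where uj_login='$login' and uj_priv !='X'");
      if ( $n_for == 0 ) 
        return 0;
      else 
        return 2;
    }
  }

  // Specific right of the user on this journal
  $Res2=ExecSql($cn,"select jrn_def_id,uj_priv 
                 from jrn_def left join user_sec_jrn on uj_jrn_id=jrn_def_id
                    where uj_login='$login' and jrn_def_id=$jrn_id");

  $PrivJrn=pg_NumRows($Res2);

  // The default right is read through a second connection opened without a
  // dossier argument; the login is escaped again for that connection.
  $cn=DbConnect();
  $login=pg_escape_string($cn,$p_user);
  // Default right of the user on the dossier
  $Res=ExecSql($cn,"  select * 
                       from ac_users left join jnt_use_dos using (use_id) 
                       left join priv_user on (priv_jnt=jnt_id) 
                      where use_login='$login' and
                       dos_id=$dossier_id");

  $DefRight=pg_NumRows($Res);
  echo_debug ("PrivJrn = $PrivJrn DefRight $DefRight");
  // No default-right row at all: the user has no access to the dossier
  if ( $DefRight == 0 ) return 0;
  $Def=pg_fetch_array($Res,0);

  // Default right is NO: the user has no access to the dossier
  if ( $Def['priv_priv'] == "NO" ) return 0;

  if ( $Def['priv_priv'] == "W") {
  // Default right is write
    if ( $PrivJrn == 0 ) {
      // No specific right on the journal => the default (write) applies
      return 2;
    }
    $Priv=pg_fetch_array($Res2,0);
    
    if ( $Priv['uj_priv'] == "X" ) return 0;
    if ( $Priv['uj_priv'] == "R" ) return 1;
    if ( $Priv['uj_priv'] == "W" ) return 2;
    // Unknown value stored in uj_priv: report it and deny.
    echo '<H2 class="error"> Undefined right</H2>';
    echo_debug ("Droit Journal $Priv[uj_priv]");
    return 0;
  }
  if ( $Def['priv_priv'] == "R") {
  // Default right is read
    if ( $PrivJrn == 0 ) {
      // No specific right on the journal => the default (read) applies
      return 1;
    }
    $Priv=pg_fetch_array($Res2,0);
    
    if ( $Priv['uj_priv'] == "X" ) return 0;
    if ( $Priv['uj_priv'] == "R" ) return 1;
    if ( $Priv['uj_priv'] == "W" ) return 2;
    // Unknown value stored in uj_priv: report it and deny.
    echo_debug ("Droit Journal $Priv[uj_priv]");
    echo '<H2 class="error"> Undefined right</H2>';
    return 0;
  }
  // Any other default right (including a NULL from the left join) is denied.
  echo '<H2 class="error"> Undefined default right</H2>';
  return 0;

}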
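/**
 * Tell whether a user may perform an action in a dossier.
 *
 * $p_dossier    dossier id, passed to DbConnect()
 * $p_login      login compared with user_sec_act.ua_login
 * $p_action_id  action id compared with user_sec_act.ua_act_id
 *
 * Returns 1 when the user is an administrator or exactly one row grants the
 * action, 0 otherwise.
 */
function CheckAction ( $p_dossier,$p_login,$p_action_id)
{
  if ( CheckIsAdmin ($p_login) ) return 1;
  $cn=DbConnect($p_dossier);
  // The login sits inside a quoted literal and is escaped; the action id is
  // unquoted in the query and is therefore forced to an integer.
  // assumes DbConnect() returns the pgsql connection itself - TODO confirm
  $login=pg_escape_string($cn,$p_login);
  $action_id=(int)$p_action_id;
  $sql="select * from user_sec_act where ua_login='$login' and ua_act_id=$action_id";
  $Res=ExecSql($cn,$sql);
  $Count=pg_NumRows($Res);
  if ( $Count == 0 ) return 0;
  if ( $Count == 1 ) return 1;
  // More than one matching row is an inconsistent state. The message contains
  // the caller-supplied login, so it is HTML-escaped before being written to
  // the page.
  // NOTE(review): the query text is still shown to the end user here; the
  // debug log would be a better place for it.
  echo '<H2 class="error"> Invalid action !!! '.$Count.' '.htmlspecialchars($sql,ENT_QUOTES).' </H2>';
  // Deny explicitly; the function used to fall off the end here and return NULL.
  return 0;
}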
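/**
 * Tell whether a login belongs to an administrator.
 *
 * $p_user  login compared with ac_users.use_login
 *
 * Returns 1 for the built-in login 'phpcompta'; otherwise the value returned
 * by CountSql() for the active, admin rows matching the login (presumably the
 * row count, so 0 or 1 for a unique login - confirm in postgres.php).
 */
function CheckIsAdmin($p_user) 
{
  // The login 'phpcompta' is an administrator without any lookup in ac_users,
  // so use_active is not consulted for it. The comparison is strict: with a
  // loose "==" an integer 0 compared equal to this string before PHP 8.
  if ( is_string($p_user) && $p_user === 'phpcompta') return 1;

  $cn=DbConnect();
  // The login sits inside a quoted SQL literal, so it is escaped first.
  // assumes DbConnect() returns the pgsql connection itself - TODO confirm
  $login=pg_escape_string($cn,$p_user);
  $sql="select use_id from ac_users where use_login='$login'
                and use_active=1 and use_admin=1 ";

  $isAdmin=CountSql($cn,$sql);

  return $isAdmin;

}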
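/**
 * Tell whether a user may open a dossier.
 *
 * $p_user     login compared with ac_users.use_login
 * $p_dossier  dossier id compared with dos_id
 *
 * Returns 1 for an administrator; otherwise the value returned by CountSql()
 * for the rows where the active user holds a right other than 'NO' on the
 * dossier (presumably the row count, 0 meaning no access - confirm in
 * postgres.php).
 */
function CheckDossier($p_user,$p_dossier) 
{
  if ( CheckIsAdmin ($p_user) ) return 1;
  $cn=DbConnect();
  // Both values sit inside quoted SQL literals and are escaped before use.
  // assumes DbConnect() returns the pgsql connection itself - TODO confirm
  $login=pg_escape_string($cn,$p_user);
  $dossier=pg_escape_string($cn,$p_dossier);
  $sql="select  dos_id from ac_users 
                  natural join jnt_use_dos 
                  natural join  ac_dossier 
                  join  priv_user on ( priv_jnt=jnt_id)
          where use_active=1 
         and use_login='$login' 
         and dos_id='$dossier' 
         and priv_priv != 'NO'";
  return CountSql($cn,$sql);

}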
00207 
00208 ?>